I’m going to be changing the ISP in another month or so. (That’s how we reduce ISP charges – flipping between ISPs every year or so), Anyway that’s going to require changing the Wifi SSID and password in the RPi. Can I just edit the file: /etc/wpa_supplicant/wpa_supplicant.conf with the new SSID and password? Of course I would have to do that while I’m on the old ISP SSID and password because I’m using SSH. The reason for asking is I notice the password in the file is hashed (it’s just hex characters, not the actual password). I would have to enter the un-hashed password. Would that work?
1 Like
What image are you using?
1 Like
Using Debian Package Add-on.
1 Like
I just now opened file /etc/wpa_supplicant/wpa_supplicant.conf . Found that my plain password was encrypted by Raspberry Pi imager when I wrote image to microSD card.
I replaced encrypted password by plain password. Although encrypted password was not enclosed in double quotes (" “), I had to enclose the plain password in double quotes (” ") like this:
psk="myPlainPassword"
Saved file, rebooted Pi, and could SSH through WiFi
ALTERNATIVE:
How to encrypt wifi password on a Raspberry Pi OS image
If you are using a headless setup for your Raspberry Pi, you can easily set up a wpa_supplicant.conf file to connect to wifi. You can mask your password for security reasons as follows.
Your wpa_supplicant.conf file has network objects that look like this:
network={
ssid="testNetwork"
psk="testingPassword"
}
Where ssid is your network name and psk is your password. But you’ll notice that that is just a plain text password, which we all know is a no-no.
Use this command:
wpa_passphrase [ssid-name] [password-name]
Be sure to wrap the network and/or password in quotes if you have spaces in either.
This command will spit out a new network object that looks like this:
network={
ssid="testNetwork"
#psk="testingPassword"
psk=575827beef2c7dbdcf817a9cd0e6b96fb0fd3f54e2c0fbf24a38eb04fb7e9aa3
}
Be sure to delete line #psk="testingPassword"
1 Like
Or you could just change your new router to existing SSID & Password then you don’t have to re do all your WiFi gear
1 Like
@abcd567 Thanks, I see you don’t recommend editing the boot partition on the micro SD card on another desktop machine (a Mac in my case). That is, add a new wpa_supplicant.conf file back in there.
@Jonseyt23 Yeah, that would definitely be the easier way. Course it’s not my equipment, so I’ll have to make sure I can get access.
1 Like
YES, that is the preferred method. I have accidentally discovered it and found it works OK.
What happened that in first attempt, I replaced encrypted password in file /etc/wpa_supplicant/wpa_supplicant.conf by same password, but unencrypted. However I made a mistake that I did not enclose plain password in quotes (" "). When rebooted Pi, it failed to connect to WiFi. I cannot access it now unless I connect a network wire.
Instead of connecting a network wire, I shutdown the Pi, slipped out microSD card, put in a card reader and slipped into my Windows PC, and opened microSD card drive (folder /boot) and created file wpa_supplicant.conf with SSID and WiFi Password in plain words, but both enclosed in double quotes (" "). Then slipped out microSD card from Windows PC, slipped into RPi and booted, and RPi connected to network on WiFi.
That is how I came to know that enclosing plain password in quotes (" ") was necessary.
ADDITIONAL TRICK
As I am frequently re-imaging microSD card 
, I have two files saved on my Windows PC’s desktop. These files are named ssh and wpa_supplicant.conf.
After writing the image on microSD card, I simply copy-paste OR drag-drop these two file in /boot folder of microSD card while it is still in card reader of Windows PC
The file ssh is blank.
The contents of file wpa_supplicant.conf are as follows:
country=CA
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
ssid="my-SSID"
psk="my-WiFi-Plain-Password"
}
2 Likes
Ok, I think editing the boot partition on the microSD card on an external machine is the better way to go. I assume the Wifi password ends up as plain text in file /etc/wpa_supplicant/wpa_supplicant.conf and so you have to do the command wpa_passphrase [ssid-name] [password-name] to encrypt it.
At boot, the file /boot/wpa_supplicant.conf is moved to folder /etc/wpa_supplicant/. If a file named wpa_supplicant.conf already exist there, it gets replaced by the new file moved from /boot partition.
So whatever form (unencrypted or encrypted) you created file in boot partition, (/boot/wpa_supplicant.conf), same will appear in file /etc/wpa_supplicant/wpa_supplicant.conf.
My file wpa_supplicant.conf, which was saved on my Windows desktop, and which I used to copy paste to microSD card /boot folder, had following content:
country=CA
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
ssid="mySSID"
psk="myPasWord"
}
I generated encrypted password by command
wpa_passphrase "mySSID" "myPasWord"
and changed un-encryptrd password by encrypted password. It’s content are now as follows
country=CA
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
ssid="mySSID"
psk=0e6b906be7fb441b2a6e9a0c8873d2b81d6fcfe03da4cf1284a2d20371752479
}
I Slipped out microSD card from RPi, slipped into card reader plugged into Windows PC, and drag-dropped the file wpa_supplicant.conf (which has encrypted password) in /boot folder of microSD card. Sliped out microSD card from Windows PC, slipped into RPI and powered up, the WiFi connection established. SSH and checked file /etc/wpa_supplicant/wpa_supplicant.conf, and it has now encrypted password.
Now the file wpa_supplicant.conf on Desktop has encrypted password
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.